catch-up commit

.env

@@ -1 +1,239 @@
-mailcow.conf
+# ------------------------------
+# mailcow web ui configuration
+# ------------------------------
+# example.org is _not_ a valid hostname, use a fqdn here.
+# Default admin user is "admin"
+# Default password is "moohoo"
+
+MAILCOW_HOSTNAME=mx2.local.une.fi
+
+# Password hash algorithm
+# Only certain password hash algorithm are supported. For a fully list of supported schemes,
+# see https://mailcow.github.io/mailcow-dockerized-docs/models/model-passwd/
+MAILCOW_PASS_SCHEME=BLF-CRYPT
+
+# ------------------------------
+# SQL database configuration
+# ------------------------------
+
+DBNAME=mailcow
+DBUSER=mailcow
+
+# Please use long, random alphanumeric strings (A-Za-z0-9)
+
+DBPASS=j10xYt3EhvleDutTy6xpqkQzRE2G
+DBROOT=6XuW3InBpsJmqQXd4QPNf1pRmO0O
+
+# ------------------------------
+# HTTP/S Bindings
+# ------------------------------
+
+# You should use HTTPS, but in case of SSL offloaded reverse proxies:
+# Might be important: This will also change the binding within the container.
+# If you use a proxy within Docker, point it to the ports you set below.
+# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT
+# IMPORTANT: Do not use port 8081, 9081 or 65510!
+# Example: HTTP_BIND=1.2.3.4
+# For IPv4 and IPv6 leave it empty: HTTP_BIND= & HTTPS_PORT=
+# For IPv6 see https://mailcow.github.io/mailcow-dockerized-docs/post_installation/firststeps-ip_bindings/
+
+HTTP_PORT=80
+HTTP_BIND=
+
+HTTPS_PORT=443
+HTTPS_BIND=
+
+# ------------------------------
+# Other bindings
+# ------------------------------
+# You should leave that alone
+# Format: 11.22.33.44:25 or 12.34.56.78:465 etc.
+
+SMTP_PORT=25
+SMTPS_PORT=465
+SUBMISSION_PORT=587
+IMAP_PORT=143
+IMAPS_PORT=993
+POP_PORT=110
+POPS_PORT=995
+SIEVE_PORT=4190
+DOVEADM_PORT=19991
+SOLR_PORT=18983
+REDIS_PORT=7654
+
+# Your timezone
+# See https://en.wikipedia.org/wiki/List_of_tz_database_time_zones for a list of timezones
+# Use the row named 'TZ database name' + pay attention for 'Notes' row
+
+TZ=America/Chicago
+
+# Fixed project name
+# Please use lowercase letters only
+
+COMPOSE_PROJECT_NAME=mailcowdockerized
+
+# Set this to "allow" to enable the anyone pseudo user. Disabled by default.
+# When enabled, ACL can be created, that apply to "All authenticated users"
+# This should probably only be activated on mail hosts, that are used exclusivly by one organisation.
+# Otherwise a user might share data with too many other users.
+ACL_ANYONE=disallow
+
+# Garbage collector cleanup
+# Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring
+# How long should objects remain in the garbage until they are being deleted? (value in minutes)
+# Check interval is hourly
+
+MAILDIR_GC_TIME=7200
+
+# Additional SAN for the certificate
+#
+# You can use wildcard records to create specific names for every domain you add to mailcow.
+# Example: Add domains "example.com" and "example.net" to mailcow, change ADDITIONAL_SAN to a value like:
+#ADDITIONAL_SAN=imap.*,smtp.*
+# This will expand the certificate to "imap.example.com", "smtp.example.com", "imap.example.net", "smtp.example.net"
+# plus every domain you add in the future.
+#
+# You can also just add static names...
+#ADDITIONAL_SAN=srv1.example.net
+# ...or combine wildcard and static names:
+#ADDITIONAL_SAN=imap.*,srv1.example.com
+#
+
+ADDITIONAL_SAN=
+
+# Additional server names for mailcow UI
+#
+# Specify alternative addresses for the mailcow UI to respond to
+# This is useful when you set mail.* as ADDITIONAL_SAN and want to make sure mail.maildomain.com will always point to the mailcow UI.
+# If the server name does not match a known site, Nginx decides by best-guess and may redirect users to the wrong web root.
+# You can understand this as server_name directive in Nginx.
+# Comma separated list without spaces! Example: ADDITIONAL_SERVER_NAMES=a.b.c,d.e.f
+
+ADDITIONAL_SERVER_NAMES=
+
+# Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n
+
+SKIP_LETS_ENCRYPT=n
+
+# Create seperate certificates for all domains - y/n
+# this will allow adding more than 100 domains, but some email clients will not be able to connect with alternative hostnames
+# see https://wiki.dovecot.org/SSL/SNIClientSupport
+ENABLE_SSL_SNI=n
+
+# Skip IPv4 check in ACME container - y/n
+
+SKIP_IP_CHECK=n
+
+# Skip HTTP verification in ACME container - y/n
+
+SKIP_HTTP_VERIFICATION=n
+
+# Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n
+
+SKIP_CLAMD=n
+
+# Skip SOGo: Will disable SOGo integration and therefore webmail, DAV protocols and ActiveSync support (experimental, unsupported, not fully implemented) - y/n
+
+SKIP_SOGO=n
+
+# Skip Solr on low-memory systems or if you do not want to store a readable index of your mails in solr-vol-1.
+
+SKIP_SOLR=n
+
+# Solr heap size in MB, there is no recommendation, please see Solr docs.
+# Solr is a prone to run OOM and should be monitored. Unmonitored Solr setups are not recommended.
+
+SOLR_HEAP=1024
+
+# Allow admins to log into SOGo as email user (without any password)
+
+ALLOW_ADMIN_EMAIL_LOGIN=y
+
+# Enable watchdog (watchdog-mailcow) to restart unhealthy containers
+
+USE_WATCHDOG=y
+
+# Send watchdog notifications by mail (sent from watchdog@MAILCOW_HOSTNAME)
+# CAUTION:
+# 1. You should use external recipients
+# 2. Mails are sent unsigned (no DKIM)
+# 3. If you use DMARC, create a separate DMARC policy ("v=DMARC1; p=none;" in _dmarc.MAILCOW_HOSTNAME)
+# Multiple rcpts allowed, NO quotation marks, NO spaces
+
+#WATCHDOG_NOTIFY_EMAIL=a@example.com,b@example.com,c@example.com
+#WATCHDOG_NOTIFY_EMAIL=
+
+# Notify about banned IP (includes whois lookup)
+WATCHDOG_NOTIFY_BAN=n
+
+# Subject for watchdog mails. Defaults to "Watchdog ALERT" followed by the error message.
+#WATCHDOG_SUBJECT=
+
+# Checks if mailcow is an open relay. Requires a SAL. More checks will follow.
+# https://www.servercow.de/mailcow?lang=en
+# https://www.servercow.de/mailcow?lang=de
+# No data is collected. Opt-in and anonymous.
+# Will only work with unmodified mailcow setups.
+WATCHDOG_EXTERNAL_CHECKS=n
+
+# Enable watchdog verbose logging
+WATCHDOG_VERBOSE=n
+
+# Max log lines per service to keep in Redis logs
+
+LOG_LINES=9999
+
+# Internal IPv4 /24 subnet, format n.n.n (expands to n.n.n.0/24)
+# Use private IPv4 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses
+
+IPV4_NETWORK=10.26.26.0/24
+
+# Internal IPv6 subnet in fc00::/7
+# Use private IPv6 addresses only, see https://en.wikipedia.org/wiki/Private_network#Private_IPv6_addresses
+
+IPV6_NETWORK=fd4d:6169:6c63:6f77::/64
+
+# Use this IPv4 for outgoing connections (SNAT)
+
+#SNAT_TO_SOURCE=
+
+# Use this IPv6 for outgoing connections (SNAT)
+
+#SNAT6_TO_SOURCE=
+
+# Create or override an API key for the web UI
+# You _must_ define API_ALLOW_FROM, which is a comma separated list of IPs
+# An API key defined as API_KEY has read-write access
+# An API key defined as API_KEY_READ_ONLY has read-only access
+# Allowed chars for API_KEY and API_KEY_READ_ONLY: a-z, A-Z, 0-9, -
+# You can define API_KEY and/or API_KEY_READ_ONLY
+
+#API_KEY=
+#API_KEY_READ_ONLY=
+#API_ALLOW_FROM=172.22.1.1,127.0.0.1,10.25.26.0/24
+
+# mail_home is ~/Maildir
+MAILDIR_SUB=Maildir
+
+# SOGo session timeout in minutes
+SOGO_EXPIRE_SESSION=480
+
+# DOVECOT_MASTER_USER and DOVECOT_MASTER_PASS must both be provided. No special chars.
+# Empty by default to auto-generate master user and password on start.
+# User expands to DOVECOT_MASTER_USER@mailcow.local
+# LEAVE EMPTY IF UNSURE
+DOVECOT_MASTER_USER=
+# LEAVE EMPTY IF UNSURE
+DOVECOT_MASTER_PASS=
+
+# Let's Encrypt registration contact information
+# Optional: Leave empty for none
+# This value is only used on first order!
+# Setting it at a later point will require the following steps:
+# https://mailcow.github.io/mailcow-dockerized-docs/troubleshooting/debug-reset_tls/
+ACME_CONTACT=
+
+# WebAuthn device manufacturer verification
+# After setting WEBAUTHN_ONLY_TRUSTED_VENDORS=y only devices from trusted manufacturers are allowed
+# root certificates can be placed for validation under mailcow-dockerized/data/web/inc/lib/WebAuthn/rootCertificates
+WEBAUTHN_ONLY_TRUSTED_VENDORS=n

data/assets/ssl-example/cert.pem

@@ -1,19 +1,33 @@
 -----BEGIN CERTIFICATE-----
-MIIDBDCCAe6gAwIBAgIQeJMoL/3dxhxhT9EwuRTL/DALBgkqhkiG9w0BAQswEjEQ
-MA4GA1UEChMHbWFpbGNvdzAeFw0xNjEyMTMxMDExMDBaFw0xOTExMjgxMDExMDBa
-MC0xEDAOBgNVBAoTB21haWxjb3cxGTAXBgNVBAMTEG1haWwuZXhhbXBsZS5vcmcw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRg0xT3At9DSb3H5OMp3K1
-MpXAgYyotSK6TS61fC0QEHy2fMXiws7Agcye6Ln7CG63Fe1eN2jkdlefy9xJivS8
-y5w0M8i168v5znzC8fnylL2iOiSYfK/B/oEqfU7YH4RcegO53oDDIUZmi4Frgnu7
-39VVOU1ZyHEVqGJ2H2aAIkoZRjGzumD9Ym4LWGidtKJzBgFt/qmhUeWXipM8w281
-XkQnJU79+x2ywnJSvEZ3r/ZVJC7kbjiVw+/k15k9Cxk6Ik8wmJ0X/+xWxoZomHQI
-1LM0VKAS/iaU95dn2bplvL6jTiiyWAbrMjSKs4XbPt/fIbOicNkj6+CFy0MVfyyH
-AgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIAqDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
-KwYBBQUHAwEwDAYDVR0TAQH/BAIwADALBgkqhkiG9w0BAQsDggEBAI/jBJa1P8nB
-eHUN5muQmjBVDVOYyWAAEapOe2HYsBcpjaB2H8Iw3DQzJtz6peYeYSCmHRVqFLCm
-VPrq36l9mPUotyPDPlQQAxCj9R2+WbGaJO+N/E1F8FQ94dr3jqwUyfjVPoqEjmIH
-NFkvbA0RJOeBm9oYGdhM0wjOBV9c9MTHFG82nQ/zQeTuPb7GXuKIOXYCxoLNOZMw
-UJ02Cqjv5ImrgOhcstAKX3Ip0urSvZUGvtPla4CGh+M6yDFJ08GzX6OiMIH207RW
-jAbUXXERSUv/7hysdDjGo5HZjCeMzVu9KAxoZXqnmvkk8g2swKWtWBRcoeU1VGx0
-Bx4Q4KMjuYQ=
+MIIFuTCCA6GgAwIBAgIUaqipN0JatEulBhLWUNrJgE7jiLwwDQYJKoZIhvcNAQEL
+BQAwbDELMAkGA1UEBhMCREUxDDAKBgNVBAgMA05SVzEQMA4GA1UEBwwHV2lsbGlj
+aDEQMA4GA1UECgwHbWFpbGNvdzEQMA4GA1UECwwHbWFpbGNvdzEZMBcGA1UEAwwQ
+bXgyLmxvY2FsLnVuZS5maTAeFw0yMjA0MTQwODMyMjJaFw0yMzA0MTQwODMyMjJa
+MGwxCzAJBgNVBAYTAkRFMQwwCgYDVQQIDANOUlcxEDAOBgNVBAcMB1dpbGxpY2gx
+EDAOBgNVBAoMB21haWxjb3cxEDAOBgNVBAsMB21haWxjb3cxGTAXBgNVBAMMEG14
+Mi5sb2NhbC51bmUuZmkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ
+QqMPISesoujzjh3Z3zz6Bg3EsaKi6gtWcWtJrpFTzFAA+ju+sjJmnsvXt/XqonHQ
+u864HpCjcL2iaShpQtNtdi5wCr31p1V1UmSsaKbVfvQ2nT+pGhcDDAm82SZO6E+C
++7yhpTbSO7OJA1XixTWfCblFgThSGZoAo1aeAop7pJnWxbBDLVZTTr6A2wZUgh/1
+0g4y6yC5rCpjCnnDTrH95R8FsP7iqDJsHlWYeySBUd9Jg0/vs0VNacnvMhUmsrdq
+FUiNA8KW70+VOosMWQDQBwxgNY3TQ+YeH2PWW4M1esWe0lrelnkW274AfqXYVbTl
+FB44vk3EPwpTc5UH7FdtNYbaFJxLQDqHq2OTnQE66Z2X/eb1LSEq8JjVVU9YyuS7
++Q/OgPKz0KRPRrZ8mslM/Q1K20q/hooKqASOd3G4EsCbaUXb6VMNVLgz4BmT83ZV
+SOp0buu6eWZtWvt1402jIC1EAS8o0WJR3UPzh4jTEYBvglxht4Mc0TaGb9cZksuO
+InErQfIQhFG7HFqvEvIPSYUXYlgSaNeqXB8kcaWDBO2jeq83v7lZ3yiiLKPiAsxz
+udVEgYEFWn8maXC/7J7TSYkXO87JqtLgPrwn0KZuRZX60FZjeAqSD1bWKwuNrN3b
+pOiKQA/pOYmaKMi0+IhGo4i4ijyWh3Uo2YAds7b/yQIDAQABo1MwUTAdBgNVHQ4E
+FgQU4Fh1tUR4oaU12UuYo/FIzq4yLS8wHwYDVR0jBBgwFoAU4Fh1tUR4oaU12UuY
+o/FIzq4yLS8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFoWM
+OPxQImvTMHg9eUwh6LVytziGGJJ/0fNOMzb95/M2nWOfAb2S75XkjRR5JELV+6f4
+MD337JwEnQcmHjBqJUl9odCuZEU1ygiR3M2XmWeXUff93yEVOsF4QxNHBPZsNQBM
+BShSEzHjqlsYQF3ztXd5xl1pl/vksIdrTtxsUDydAMu+37cx8shA7Lc48FqbLPmB
+vLDNE6ad7lS2xP0+K8ZWMLffGaUvFi1WcnfGRRgC7UKnvtFZY4QDXxLw0U1CULFF
+dD/EU8gORojd43i44LknIEchsX5w1DAkoXH31a5fl8XkA4IZhUWTIMlQW2YMfhaW
+bnmt8khoU9UpOgYrVBsgMzrTulbnqVBWQjVSITYdjlvcR0MNI8XtjqYM0u0a/BKJ
+os2+qx+SFwBrrjBgRt9y1mxwSD8IXHSM60Eb7Zde3YUI29xb7XdOYv98d9w3PrSE
+hWGqIxavi+cWMnTOsmBGB+Bpq7T2RTIkDWtFZb3qU/xWlsYOnTqYKgpSYZLRrGuc
+z4WUKhbpX6TfNY7JT2th7Vh30TgCDGwcxapnH1O4SYzHjYZgTZScC0KYWIgz9RLV
+PsK2hl22pCsWy5iqawmXBULB2cpzm5AGPQIB4pIMjtznlXbTkZ6ZbYpDDtOZpEud
+QlOyz0kOT7sgnt9jIfwmF1KpxK+tj1Q6DiuuhG0=
 -----END CERTIFICATE-----

data/assets/ssl-example/key.pem

@@ -1,27 +1,52 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA0YNMU9wLfQ0m9x+TjKdytTKVwIGMqLUiuk0utXwtEBB8tnzF
-4sLOwIHMnui5+whutxXtXjdo5HZXn8vcSYr0vMucNDPItevL+c58wvH58pS9ojok
-mHyvwf6BKn1O2B+EXHoDud6AwyFGZouBa4J7u9/VVTlNWchxFahidh9mgCJKGUYx
-s7pg/WJuC1honbSicwYBbf6poVHll4qTPMNvNV5EJyVO/fsdssJyUrxGd6/2VSQu
-5G44lcPv5NeZPQsZOiJPMJidF//sVsaGaJh0CNSzNFSgEv4mlPeXZ9m6Zby+o04o
-slgG6zI0irOF2z7f3yGzonDZI+vghctDFX8shwIDAQABAoIBAQC9kiLnIgxXGyZt
-pmmYdA6re1jatZ2zLSp+DcY8ul3/0hs195IKCyCOOSQPiR520Pt0t+duP46uYZIJ
-aakp9gxaI5Vz+oMacH/AyaBDuDTj1Mf9WMSyIOfbDVCMRJOppGLcVh62+Gfjp2EO
-+h2hTJBuvypFkbK2kVIZOaHVpbXWKw1oYuEcTftk9XfxxvfSMw1HQ12/P2CAcbaa
-jPmVbisunv6kpXtewSBTcaLSYWJf1MYD5Hi8fzkD2FJSXYbfQd8RKvT2rj6FA7ux
-CDMzbYhdnd7lc63OARCIjfCRNtDT1cZ3gR1CQHD98lWxmPQIZukv+w7s/bSrFgnQ
-ROZ0ghBJAoGBAOmE/3d5FDmp0aJNxXynKcRGdpEEM4O40RIdqa2eR6Pa7aTRosao
-z0qVgdFuJrqjlB3jgedxXEX1M0abCUzzM9Q5F7JLl+KsjwRwpkIOkPiyUncLp7LK
-QbY3tvYBIdpjlF1USOMGRL4j11hqr4vQC/yPBF7jj81kCZDTbmZhp82jAoGBAOWu
-ql5QFUOlmqkuWIAFkiLEZhOu+ptqkE+zG50CCGMJIX0dJ2PHXFyNGInomAeT0nbI
-pbnK3x7KeEKiGrAqZFNCTHhApTwkrIj0L/RQbMDZ7u7j1AEUVNFEhIm62kg84FtG
-xtfxVxredE+NQc/tyV3hXegdNZxegALirlcMKIvNAoGAWFwIxk48Ru1o8z72QQqH
-lUsMRicOzwK5qV8r+xPvC6MlVL42F3F8rj4QFwzU/r4yp3SUjNyqC5aSRl8Xj9Re
-gijwPHi6Cf09SHLPliMo29GtvnnchJxfbPF7+23GP3p6gy4HPk/65u9s5nnH3uFk
-B7ad8sGsgg0eSXyXQ4okEn0CgYEAnogPuedGthlxBgMiPMMbmfm7hyyId4t3Ljuu
-/JExnsHnpobf8EPjoVIWNOIhRWGnrCtUEEhR9tvDZCKljyDDfKBPTdU496lMmX8K
-NnToi7gg7iy84T3aSVMktDgPgDrclMPmbZh8CeSvnVUfrtgu3Ci4+4Rlw5eKffNe
-aGDQ/6UCgYAbUq9mRT2WOXIo+Dchi9VzDWgtfOw5VEyqkSpb7hPiIYx5jNaENnVK
-cAi3iqbBgPJBuMlTrKmmaxdmssGOEZNJLuuXLDbCU+f5cpu5PQ4crC6UtRI5rlhp
-8Yc+oiv3HWbSw3sVRpMFB6NP4DnvgFW3B2Wdfb/lNzPCKWqBsX7gWw==
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDJQqMPISesoujz
+jh3Z3zz6Bg3EsaKi6gtWcWtJrpFTzFAA+ju+sjJmnsvXt/XqonHQu864HpCjcL2i
+aShpQtNtdi5wCr31p1V1UmSsaKbVfvQ2nT+pGhcDDAm82SZO6E+C+7yhpTbSO7OJ
+A1XixTWfCblFgThSGZoAo1aeAop7pJnWxbBDLVZTTr6A2wZUgh/10g4y6yC5rCpj
+CnnDTrH95R8FsP7iqDJsHlWYeySBUd9Jg0/vs0VNacnvMhUmsrdqFUiNA8KW70+V
+OosMWQDQBwxgNY3TQ+YeH2PWW4M1esWe0lrelnkW274AfqXYVbTlFB44vk3EPwpT
+c5UH7FdtNYbaFJxLQDqHq2OTnQE66Z2X/eb1LSEq8JjVVU9YyuS7+Q/OgPKz0KRP
+RrZ8mslM/Q1K20q/hooKqASOd3G4EsCbaUXb6VMNVLgz4BmT83ZVSOp0buu6eWZt
+Wvt1402jIC1EAS8o0WJR3UPzh4jTEYBvglxht4Mc0TaGb9cZksuOInErQfIQhFG7
+HFqvEvIPSYUXYlgSaNeqXB8kcaWDBO2jeq83v7lZ3yiiLKPiAsxzudVEgYEFWn8m
+aXC/7J7TSYkXO87JqtLgPrwn0KZuRZX60FZjeAqSD1bWKwuNrN3bpOiKQA/pOYma
+KMi0+IhGo4i4ijyWh3Uo2YAds7b/yQIDAQABAoICAEWb6Z/S/NDl66JJdiOj5Ygo
+TdzI/5JPVqqIQe5TFWqhUM51vfI/2dTKeYBb3Q9RLgJe4qml0Krm1H/21QZLGatT
+Y85WuMrdHF6ep7lF3OYcqcS18I3BO1JPeJK7nFdQXCfWf7B83xApm/f4kl0Djn86
+Mr1KaztiJXSxCcVO5azMCnVRHJyvcpsPsi4JExBpjTpNc6HC1yfA10w4FFMrxb4l
+3+vtAstMF1xzxXEerkqYEZ1wcFZcb8zNmQ1FCjG/QFbNk7FKKqRfkuvvOqaDphdN
+SMeB3lLCujWS78n1DtWRaAZ9hPZVnv379KRhKWVAh3dv1OAVWfpVP3ILmPELmlTL
+NEHgDgqKXcfYXKeZDIrnN8J6yXlEP8ek/kuzYSrmMyF3T9dSPjfpTOrlrcR0rxq4
+93CdFMXTpxAMcUl2LpX+JqsV002AsRfGTmQMSA72g+q2xrRb5/sHf2Z4hsqH6Bwq
+1pLWNU1IJgaL1GUWFWle2xCAWxHb+nX6KP69r5hxUK2tp3oiTQSMWRfxgO/RCMjA
+LtHRV7W9V7vURfqZNEZ0WmkjsfGfy+gWNLbxV/o1BdbesoSXS49RWM4uNTWHE7tx
+i8nIZ8me0bY0TN0V0pEp7XicwW8f0cji9nKt5uEG3gg3nWPYsBEzUL5DznFAudyt
+ncBN/YQo0uno6EWeyWgBAoIBAQDs+7OeTvHGduLq6qCpwKq0G2CoTpGR8LRoYWi0
+UnMr6W7BfudeFuw2LsQ7A+r0G/w6PmWzBT8pAxAU6StzyCKCRi2r+RG7sJtci3H+
+i+5QNOSuPcTvkXxO8VAt9MYM2GJhE62eyzfIxG98NxlQu2E89KyCl+0XAuchyARU
+xSnggFaY4x9ZhzBHD0lUtYTTK514OxjqIYHC/OgivOcaaVYo9qVV2pTVzn94kSyu
+a5x+Ma0JW6ALborc1Y9KQDns6otuhO8XhaNwMOiNMItJfD9B8nwsSmX7/Ei+njy1
+B+QP1lwYibL3ggUjv2ErmZ58zYTfyXRICbjp9ZueRVjw/p8BAoIBAQDZaRY3x59V
+3lFG0dU3cYjQbn0xTAqXJUK3z1TY823yN71FSOKvdk1C6/JbJJo6uRzximy2dT3z
+vPHWtXLau40KWANpoUauztvp2iwGe7tn7grwg+EDuZ744isxR+5upegLXBE7KjlS
+N0g9qrtDY8AvRtHET0F8xkFbML4i/p9I10AvSrbg04QfJ2dH8iEz91mO+c6U1ly6
+nmbg657lVkSjH7aSqdFBeTEupMXZTnJX+06G5dLtOL8rohLqKPiEKwT4OENs/WC/
+WBrXFe92iGAXloAj7X9z2JwL3o/+Ik3I/vhorLrpgV4CotKgLnovNjH51x7Pjknd
+KVNLoFcm9CjJAoIBADC45wrrLCYjly+5IWMFK5Nv9YVk8eTRWiYDsOUx9l/W1GCP
+2L2tdM8G+m0vtwSNJGRNI9eUgpHKAWprLfXV9dJW31j2EkFGZAq42Kz+0/ZFiaaR
+KIYgoTARyOxJ4NYPPtq6kv2MxmFOkaU2JsxEWg+QNk97MNGEVUTKvKk5CA0SFbvF
+JlLfynsxl2AFGdPYqb1oWQz56pXOLWPG9rSlZ4NwgjmOgP8cP3ToVAlgMoJ3cB32
+aocvKPmSJq2bWs1sw1HrnsR1Q07znzw3+MsY8mB6nDD28tTF36bhHZYSkz72UWTy
+GotsfeYFmNK/+KesEV95KaEN7qibSG1X0JtrngECggEAY6nr2Hg3T6rRgXCRmJAA
+UuRDmcStGiqnkhGGaMn2/dGVf1xxJlRKCMKW4DdASGkxnnyBZ4cJdmGIT4/wbdsK
+RdKhBdw7xcjoQSSViAdSmssh0q3yCb4e5SLw/+9kmu6NGCAFeiTaEBltkW9h1vu0
+Tzfc02wtriBIN6B5mRs2M7MRJlzOxvPPnmR20SFrHSJnuMZFcC9wZNBWgwcgWSuZ
+3VmdXVBhr+z5odNBK2PtwO1gSzCx57Na14q9twA/JH+AELXiGuVwY2blLvJMSv8r
+ZcTFSzMFeTq0FjDZu3tIQzq27203ZfG7AeRYP7vuoRPsBwcZhbZJoAvgtktziFTn
+GQKCAQBik9E2gKuwBuZRhKB/LwXk0VT5v6dyYRuRUlfgHgxWGXvACoh/bd/MnBEE
+ZVtG9jY8IRGY+SQ/QvMGGtjwA7IyfrCrdJ6CDJ7y+KVpRiuNaF5L37jQCdf+MNUS
+jPXUEOXWTnbaIh4890l3cPFSs+JelL4MSN9H7dEjD2H5MLLM/5+oZCnLdUeDFCG7
+8Sx31bltOnxgoWDT+ezVayaDX4IfriuYdPMOXklzA1cXKQqVHT1zG1BzFIsUjl9b
+CIGYtPlSC4c1OD0aI0wMaCCcO/oSTMBJF4PhUmNA/tDqEqAkE014sCwTQ01KwkhO
+C27ivs9w2aPg1MpJzryTZlkU6UWH
+-----END PRIVATE KEY-----